This Week in Compliance: U.S. DOJ to Reduce Use of Corporate Monitors

by GAN Integrity on October 19th, 2018

This Week in Compliance: U.S. DOJ to Reduce Use of Corporate Monitors

Business

Canada refuses to negotiate Deferred Prosecution Agreement with SNC-Lavalin: Canadian engineering and construction company SNC-Lavalin received word this week from the Director of the Public Prosecution Service of Canada (DPPSC) that it will not invite the company to negotiate a deferred prosecution agreement. The DPPSC backed up its decision by saying that the criteria for a remediation agreement set forth in the criminal code were not met in this case. SNC-Lavalin has stated in response that it strongly disagrees with the DPPSC’s current position, arguing that it has built a “world-class ethics and compliance framework” since 2012. Following a public consultation that ended in November 2017, Canada introduced the Remediation Agreement Regime, a regime broadly similar to the Deferred Prosecution Agreements commonly used in the U.S, in September of this year. These latest developments stem from charges brought in February 2015 over allegations that the firm and two of its subsidiaries gave tens of millions of dollars to Libyan government officials in order to influence decisions. SNC-Lavalin has indicated it’s reviewing options to appeal this decision.

U.S. Department of Justice to reduce role of compliance monitors: In a talk last Friday at NYU Law School, Brian Benczkowski, head of the Justice Department’s criminal division, issued new guidance to prosecutors that will likely reduce the frequency of corporate settlements conditioned on the hiring of compliance monitors. The guidance implies that the imposition of a monitor should not be done punitively; it should only occur when deemed necessary to ensure compliance with the terms of an agreement. Moreover, prosecutors should weigh the “projected costs and burdens” before taking the step of imposing a monitor. Prosecutors are further instructed to consider whether a change of corporate leadership or a new “compliance environment” has already sufficiently reduced the chance of additional violations. However, the new policy is not a radical departure from the past, as only a third of corporate resolutions from the past five years have involved a monitor.

Twitter facing GDPR scrutiny over refusal to comply with subject access request: The Irish Data Protection Commission (DPC) has confirmed that it is investigating whether Twitter’s refusal to comply with a ‘subject access request’ constitutes a breach of the EU’s General Data Protection Regulation (GDPR). The investigation relates to a complaint lodged by a researcher at University College London (UCL) after Twitter refused to tell him how the company uses its shortened t.co links to track user data. The Irish DPC also indicated it would consider involving the European Data Protection Board, an independent advisory body tasked with ensuring that the GDPR is consistently applied across the individual member states. Under the GDPR’s ‘One Stop Shop’ principle, Ireland’s DPC is now tasked with investigating cross-border breaches.

Government

Brazilian President Michel Temer faces additional corruption charges:Brazil’s federal policy filed new charges against President Michel Temer on Tuesday. The charges relate to corruption, money laundering and criminal association for taking bribes to favor certain port management companies. The investigation centers on a decree signed by Temer in 2017 which extends the concessions at the Santos port from 25 to 35 years. The report also brings charges against one of the president’s daughters and two of his closest aids; it further recommends Temer’s assets be frozen. The country’s Attorney General will now have 15 days to decide whether to formally pursue the case. If she does so, two-thirds of Congress’ lower house would still need to vote to allow a trial, potentially suspending Temer. However, lawmakers have rejected a trial in two previous attempts to have Temer stand trial over corruption charges.

Building a comprehensive structure for your compliance program is essential to effectively and efficiently mitigate risk. And while risks vary from one company to another based on industry, location, and partners – thereby disqualifying any one-size-fits-all compliance program – the underlying structure of a program can, to a reasonable extent, be broken down into a set of components.